search

seL4 / seL4-CAmkES-L4v-dockerfiles

Dockerfiles defining the dependencies required to build seL4, CAmkES, and L4v.
12 stars 39 forks source link

make user does not work #22

Closed Srinivasa314 closed 4 years ago

Srinivasa314 commented 4 years ago

Make user exits with error 6 and prints

scripts/utils/check_for_old_docker_imgs.sh
docker build --force-rm=true \
    --build-arg=USER_BASE_IMG=trustworthysystems/camkes \
    -f dockerfiles/extras.dockerfile \
    -t extras \
    .
Sending build context to Docker daemon  82.94kB
Step 1/3 : ARG USER_BASE_IMG=trustworthysystems/sel4
Step 2/3 : FROM $USER_BASE_IMG
 ---> a33752e29215
Step 3/3 : RUN apt-get update -q     && apt-get install -y --no-install-recommends         cowsay         sudo
 ---> Using cache
 ---> 02560e099951
Successfully built 02560e099951
Successfully tagged extras:latest
docker build --force-rm=true \
    --build-arg=EXTRAS_IMG=extras \
    --build-arg=UNAME=srinivasa \
    --build-arg=UID=1000 \
    --build-arg=GID=985 \
    --build-arg=GROUP=users \
    -f dockerfiles/user.dockerfile \
    -t user_img-srinivasa .
Sending build context to Docker daemon  82.94kB
Step 1/9 : ARG EXTRAS_IMG=extras
Step 2/9 : FROM $EXTRAS_IMG
 ---> 02560e099951
Step 3/9 : ARG UID
 ---> Using cache
 ---> 2f4f87ecb885
Step 4/9 : ARG UNAME
 ---> Using cache
 ---> 5cc6b37eee99
Step 5/9 : ARG GID
 ---> Using cache
 ---> ecc8b0ca7b71
Step 6/9 : ARG GROUP
 ---> Using cache
 ---> 7123a57c7bd5
Step 7/9 : RUN groupadd -fg ${GID} ${GROUP}     && useradd -u ${UID} -g ${GID} ${UNAME}     && adduser ${UNAME} sudo     && passwd -d ${UNAME}     && echo 'Defaults        lecture_file = /etc/sudoers.lecture' >> /etc/sudoers     && echo 'Defaults        lecture = always' >> /etc/sudoers     && echo '##################### Warning! #####################################' > /etc/sudoers.lecture     && echo 'This is an ephemeral docker container! You can do things to it using' >> /etc/sudoers.lecture     && echo 'sudo, but when you exit, changes made outside of the /host directory' >> /etc/sudoers.lecture     && echo 'will be lost.' >> /etc/sudoers.lecture     && echo 'If you want your changes to be permanent, add them to the ' >> /etc/sudoers.lecture     && echo '    extras.dockerfile' >> /etc/sudoers.lecture     && echo 'in the seL4-CAmkES-L4v dockerfiles repo.' >> /etc/sudoers.lecture     && echo '####################################################################' >> /etc/sudoers.lecture     && echo '' >> /etc/sudoers.lecture     && mkdir /home/${UNAME}     && echo 'echo "___                                   "' >> /home/${UNAME}/.bashrc     && echo 'echo " |   _      _ |_      _   _ |_ |_     "' >> /home/${UNAME}/.bashrc     && echo 'echo " |  |  |_| _) |_ \)/ (_) |  |_ | ) \/ "' >> /home/${UNAME}/.bashrc     && echo 'echo "                                   /  "' >> /home/${UNAME}/.bashrc     && echo 'echo " __                                   "' >> /home/${UNAME}/.bashrc     && echo 'echo "(_      _ |_  _  _   _                "' >> /home/${UNAME}/.bashrc     && echo 'echo "__) \/ _) |_ (- ||| _)                "' >> /home/${UNAME}/.bashrc     && echo 'echo "    /                                 "' >> /home/${UNAME}/.bashrc     && echo 'echo "Hello, welcome to the sel4/CAmkES/L4v docker build environment"' >> /home/${UNAME}/.bashrc     && grep export /root/.bashrc >> /home/${UNAME}/.bashrc     && echo 'export PATH=/scripts/repo:$PATH' >> /home/${UNAME}/.bashrc     && echo 'cd /host' >> /home/${UNAME}/.bashrc     && mkdir -p /isabelle     && chown -R ${UNAME}:${GROUP} /isabelle     && ln -s /isabelle /home/${UNAME}/.isabelle     && chown -R ${UNAME}:${GROUP} /home/${UNAME}     && chmod -R ug+rw /home/${UNAME}
 ---> Running in d44c5439c0ea
useradd: group '985' does not exist
Removing intermediate container d44c5439c0ea
The command '/bin/sh -c groupadd -fg ${GID} ${GROUP}     && useradd -u ${UID} -g ${GID} ${UNAME}     && adduser ${UNAME} sudo     && passwd -d ${UNAME}     && echo 'Defaults        lecture_file = /etc/sudoers.lecture' >> /etc/sudoers     && echo 'Defaults        lecture = always' >> /etc/sudoers     && echo '##################### Warning! #####################################' > /etc/sudoers.lecture     && echo 'This is an ephemeral docker container! You can do things to it using' >> /etc/sudoers.lecture     && echo 'sudo, but when you exit, changes made outside of the /host directory' >> /etc/sudoers.lecture     && echo 'will be lost.' >> /etc/sudoers.lecture     && echo 'If you want your changes to be permanent, add them to the ' >> /etc/sudoers.lecture     && echo '    extras.dockerfile' >> /etc/sudoers.lecture     && echo 'in the seL4-CAmkES-L4v dockerfiles repo.' >> /etc/sudoers.lecture     && echo '####################################################################' >> /etc/sudoers.lecture     && echo '' >> /etc/sudoers.lecture     && mkdir /home/${UNAME}     && echo 'echo "___                                   "' >> /home/${UNAME}/.bashrc     && echo 'echo " |   _      _ |_      _   _ |_ |_     "' >> /home/${UNAME}/.bashrc     && echo 'echo " |  |  |_| _) |_ \)/ (_) |  |_ | ) \/ "' >> /home/${UNAME}/.bashrc     && echo 'echo "                                   /  "' >> /home/${UNAME}/.bashrc     && echo 'echo " __                                   "' >> /home/${UNAME}/.bashrc     && echo 'echo "(_      _ |_  _  _   _                "' >> /home/${UNAME}/.bashrc     && echo 'echo "__) \/ _) |_ (- ||| _)                "' >> /home/${UNAME}/.bashrc     && echo 'echo "    /                                 "' >> /home/${UNAME}/.bashrc     && echo 'echo "Hello, welcome to the sel4/CAmkES/L4v docker build environment"' >> /home/${UNAME}/.bashrc     && grep export /root/.bashrc >> /home/${UNAME}/.bashrc     && echo 'export PATH=/scripts/repo:$PATH' >> /home/${UNAME}/.bashrc     && echo 'cd /host' >> /home/${UNAME}/.bashrc     && mkdir -p /isabelle     && chown -R ${UNAME}:${GROUP} /isabelle     && ln -s /isabelle /home/${UNAME}/.isabelle     && chown -R ${UNAME}:${GROUP} /home/${UNAME}     && chmod -R ug+rw /home/${UNAME}' returned a non-zero code: 6
make: *** [Makefile:182: build_user] Error 6

It says useradd:group 985 does not exist eventhough groupadd is there before it

LukeMondy commented 4 years ago

Hello, thanks for the report!

Can you run:

docker images

so we can see the IMAGE IDs

Srinivasa314 commented 4 years ago 
REPOSITORY                  TAG                 IMAGE ID            CREATED             SIZE
<none>                      <none>              7123a57c7bd5        21 hours ago        4.82GB
extras                      latest              02560e099951        21 hours ago        4.82GB
trustworthysystems/camkes   latest              a33752e29215        36 hours ago        4.63GB
alpine                      latest              a187dde48cd2        3 months ago        5.6MB
LukeMondy commented 4 years ago

Thanks.

OK, it looks like there is a bug, because the group users exists in the container already.

The groupadd command runs, and tries to make another users group - and because it has -f, it doesn't fail - but it also does not change the group ID to match the groupadd command.

I was able to fix this by putting in this line:

 # Crammed a lot in here to make building the image faster
 RUN groupadd -fg ${GID} ${GROUP} \
+    && groupmod -g ${GID} ${GROUP} \
     && useradd -u ${UID} -g ${GID} ${UNAME} \

in the dockerfiles/user.dockerfile, just after this line here: https://github.com/SEL4PROJ/seL4-CAmkES-L4v-dockerfiles/blob/df998a4beed9d5109d564d8b0552ab118af25365/dockerfiles/user.dockerfile#L11

The fix just changes the GID of the group - if it's already correct, it won't change anything. If it has hit an existing group, it will change the group ID. Hopefully shouldn't cause any issues.

Are you able to test this out, and let me know if it helps? I have pushed the fixed commit to our internal system, but it will take a little while to make it out of of CI, and on to GitHub.

Srinivasa314 commented 4 years ago

I can confirm it works.

LukeMondy commented 4 years ago

Great! The fix should get pushed out soon.